enju_leaf 1.1.4 → 1.2.0.beta.1

data/app/controllers/user_groups_controller.rb

@@ -1,7 +1,7 @@
-# -*- encoding: utf-8 -*-
 class UserGroupsController < ApplicationController
-  load_and_authorize_resource
-  before_filter :prepare_options, only: [:new, :edit]
+  before_action :set_user_group, only: [:show, :edit, :update, :destroy]
+  before_action :check_policy, only: [:index, :new, :create]
+  before_action :prepare_options, only: [:new, :edit]
 
   # GET /user_groups
   # GET /user_groups.json
@@ -86,6 +86,15 @@ class UserGroupsController < ApplicationController
   end
 
   private
+  def set_user_group
+    @user_group = UserGroup.find(params[:id])
+    authorize @user_group
+  end
+
+  def check_policy
+    authorize UserGroup
+  end
+
   def user_group_params
     params.require(:user_group).permit(
       :name, :display_name, :note, :valid_period_for_new_user,

data/app/controllers/user_import_files_controller.rb

@@ -1,6 +1,7 @@
 class UserImportFilesController < ApplicationController
-  load_and_authorize_resource
-  before_filter :prepare_options, only: [:new, :edit]
+  before_action :set_user_import_file, only: [:show, :edit, :update, :destroy]
+  before_action :check_policy, only: [:index, :new, :create]
+  before_action :prepare_options, only: [:new, :edit]
 
   # GET /user_import_files
   # GET /user_import_files.json
@@ -63,7 +64,7 @@ class UserImportFilesController < ApplicationController
     respond_to do |format|
       if @user_import_file.save
         if @user_import_file.mode == 'import'
-          Resque.enqueue(UserImportFileQueue, @user_import_file.id)
+          UserImportFileJob.perform_later(@user_import_file)
         end
         format.html { redirect_to @user_import_file, notice: t('import.successfully_created', model: t('activerecord.models.user_import_file')) }
         format.json { render json: @user_import_file, status: :created, location: @user_import_file }
@@ -81,7 +82,7 @@ class UserImportFilesController < ApplicationController
     respond_to do |format|
       if @user_import_file.update_attributes(user_import_file_params)
         if @user_import_file.mode == 'import'
-          Resque.enqueue(UserImportFileQueue, @user_import_file.id)
+          UserImportFileJob.perform_later(@user_import_file)
         end
         format.html { redirect_to @user_import_file, notice: t('controller.successfully_updated', model: t('activerecord.models.user_import_file')) }
         format.json { head :no_content }
@@ -105,6 +106,15 @@ class UserImportFilesController < ApplicationController
   end
 
   private
+  def set_user_import_file
+    @user_import_file = UserImportFile.find(params[:id])
+    authorize @user_import_file
+  end
+
+  def check_policy
+    authorize UserImportFile
+  end
+
   def user_import_file_params
     params.require(:user_import_file).permit(
       :user_import, :edit_mode, :user_encoding, :mode,

data/app/controllers/user_import_results_controller.rb

@@ -1,5 +1,6 @@
 class UserImportResultsController < ApplicationController
-  load_and_authorize_resource
+  before_action :set_user_import_result, only: [:show, :edit, :update, :destroy]
+  before_action :check_policy, only: [:index, :new, :create]
 
   # GET /user_import_results
   # GET /user_import_results.json
@@ -39,6 +40,15 @@ class UserImportResultsController < ApplicationController
   end
 
   private
+  def set_user_import_result
+    @user_import_result = UserImportResult.find(params[:id])
+    authorize @user_import_result
+  end
+
+  def check_policy
+    authorize UserImportResult
+  end
+
   def user_import_result_params
     params.require(:user_import_result).permit(
       :user_import_file_id, :user_id, :body

data/app/jobs/user_export_file_job.rb

@@ -0,0 +1,7 @@
+class UserExportFileJob < ActiveJob::Base
+  queue_as :enju_leaf
+
+  def perform(user_export_file)
+    user_export_file.export!
+  end
+end

data/app/jobs/user_import_file_job.rb

@@ -0,0 +1,7 @@
+class UserImportFileJob < ActiveJob::Base
+  queue_as :enju_leaf
+
+  def perform(user_import_file)
+    user_import_file.import_start
+  end
+end

data/app/mailers/notifier.rb

@@ -1,6 +1,4 @@
 class Notifier < ActionMailer::Base
-  include Resque::Mailer
-
   def message_notification(message_id)
     message = Message.find(message_id)
     I18n.locale = message.receiver.profile.locale.try(:to_sym) || I18n.default_locale

data/app/models/concerns/calculate_stat.rb

@@ -0,0 +1,35 @@
+module CalculateStat
+  extend ActiveSupport::Concern
+
+  included do
+    validates_presence_of :start_date, :end_date
+    validate :check_date
+
+    # 利用統計の集計を開始します。
+    def self.calculate_stat
+      self.not_calculated.each do |stat|
+        stat.transition_to!(:started)
+      end
+    end
+  end
+
+  # 利用統計の日付をチェックします。
+  def check_date
+    if self.start_date and self.end_date
+      if self.start_date >= self.end_date
+        errors.add(:start_date)
+        errors.add(:end_date)
+      end
+    end
+  end
+
+  # 利用統計の集計完了メッセージを送信します。
+  def send_message
+    sender = User.find(1) #system
+    message_template = MessageTemplate.localized_template('counting_completed', user.profile.locale)
+    request = MessageRequest.new
+    request.assign_attributes({sender: sender, receiver: user, message_template: message_template})
+    request.save_message_body
+    request.transition_to!(:sent)
+  end
+end

data/app/models/concerns/enju_leaf/enju_user.rb

@@ -0,0 +1,309 @@
+module EnjuLeaf
+  module EnjuUser
+    extend ActiveSupport::Concern
+
+    included do
+      scope :administrators, -> { joins(:role).where('roles.name = ?', 'Administrator') }
+      scope :librarians, -> { joins(:role).where('roles.name = ? OR roles.name = ?', 'Administrator', 'Librarian') }
+      scope :suspended, -> { where('locked_at IS NOT NULL') }
+      has_one :profile
+      if defined?(EnjuBiblio)
+        has_many :import_requests
+        has_many :picture_files, as: :picture_attachable, dependent: :destroy
+      end
+      has_one :user_has_role, dependent: :destroy
+      has_one :role, through: :user_has_role
+      belongs_to :user_group
+      belongs_to :library
+      belongs_to :required_role, class_name: 'Role', foreign_key: 'required_role_id'
+      accepts_nested_attributes_for :user_has_role
+
+      validates :username, presence: true, uniqueness: true, format: {
+        with: /\A[0-9A-Za-z][0-9A-Za-z_\-]*[0-9A-Za-z]\z/
+      }
+      validates :email, format: Devise::email_regexp, allow_blank: true, uniqueness: true
+      validates_date :expired_at, allow_blank: true
+
+      with_options if: :password_required? do |v|
+        v.validates_presence_of     :password
+        v.validates_confirmation_of :password
+        v.validates_length_of       :password, allow_blank: true,
+          within: Devise::password_length
+      end
+
+      before_validation :set_lock_information
+      before_destroy :check_role_before_destroy
+      before_save :check_expiration
+      after_create :set_confirmation
+
+      extend FriendlyId
+      friendly_id :username
+      strip_attributes only: :username
+      strip_attributes only: :email, allow_empty: true
+
+      attr_accessor :password_not_verified,
+        :update_own_account, :auto_generated_password,
+        :locked, :current_password #, :agent_id
+
+      paginates_per 10
+
+      def send_devise_notification(notification, *args)
+        devise_mailer.send(notification, self, *args).deliver_later
+      end
+
+      # 有効期限切れのユーザを一括で使用不可にします。
+      def self.lock_expired_users
+        User.find_each do |user|
+          user.lock_access! if user.expired? and user.active_for_authentication?
+        end
+      end
+
+      # ユーザの情報をエクスポートします。
+      # @param [Hash] options
+      def self.export(options = {format: :txt})
+        header = %w(
+          username
+          full_name
+          full_name_transcription
+          email
+          user_number
+          role
+          user_group
+          library
+          locale
+          locked
+          required_role
+          created_at
+          updated_at
+          expired_at
+          keyword_list
+          note
+        )
+        header += %w(
+          checkout_icalendar_token
+          save_checkout_history
+        ) if defined? EnjuCirculation
+        header << "save_search_history" if defined? EnjuSearchLog
+        header << "share_bookmarks" if defined? EnjuBookmark
+        lines = []
+        User.find_each.map{|u|
+          line = []
+          line << u.username
+          line << u.try(:profile).try(:full_name)
+          line << u.try(:profile).try(:full_name_transcription)
+          line << u.email
+          line << u.try(:profile).try(:user_number)
+          line << u.role.try(:name)
+          line << u.try(:profile).try(:user_group).try(:name)
+          line << u.try(:profile).try(:library).try(:name)
+          line << u.try(:profile).try(:locale)
+          line << u.access_locked?
+          line << u.try(:profile).try(:required_role).try(:name)
+          line << u.created_at
+          line << u.updated_at
+          line << u.try(:profile).try(:expired_at)
+          line << u.try(:profile).try(:keyword_list).try(:split).try(:join, "//")
+          line << u.try(:profile).try(:note)
+          if defined? EnjuCirculation
+            line << u.try(:profile).try(:checkout_icalendar_token)
+            line << u.try(:profile).try(:save_checkout_history)
+          end
+          if defined? EnjuSearchLog
+            line << u.try(:profile).try(:save_search_history)
+          end
+          if defined? EnjuBookmark
+            line << u.try(:profile).try(:share_bookmarks)
+          end
+          lines << line
+        }
+        if options[:format] == :txt
+          lines.map{|line| line.to_csv(col_sep: "\t")}.unshift(header.to_csv(col_sep: "\t")).join
+        else
+          lines
+        end
+      end
+    end
+
+    # ユーザにパスワードが必要かどうかをチェックします。
+    # @return [Boolean]
+    def password_required?
+      if Devise.mappings[:user].modules.include?(:database_authenticatable)
+        !persisted? || !password.nil? || !password_confirmation.nil?
+      end
+    end
+
+    # ユーザが特定の権限を持っているかどうかをチェックします。
+    # @param [String] role_in_question 権限名
+    # @return [Boolean]
+    def has_role?(role_in_question)
+      return false unless role
+      return true if role.name == role_in_question
+      case role.name
+      when 'Administrator'
+        return true
+      when 'Librarian'
+        return true if role_in_question == 'User'
+      else
+        false
+      end
+    end
+
+    # ユーザに使用不可の設定を反映させます。
+    def set_lock_information
+      if locked == '1' and self.active_for_authentication?
+        lock_access!
+      elsif locked == '0' and !self.active_for_authentication?
+        unlock_access!
+      end
+    end
+
+    def set_confirmation
+      if respond_to?(:confirm!)
+        reload
+        confirm!
+      end
+    end
+
+    # ユーザが有効期限切れかどうかをチェックし、期限切れであれば使用不可に設定します。
+    # @return [Object]
+    def check_expiration
+      return if has_role?('Administrator')
+      if expired_at
+        if expired_at.beginning_of_day < Time.zone.now.beginning_of_day
+          lock_access! if active_for_authentication?
+        end
+      end
+    end
+
+    # ユーザの削除前に、管理者ユーザが不在にならないかどうかをチェックします。
+    # @return [Object]
+    def check_role_before_destroy
+      if has_role?('Administrator')
+        if Role.where(name: 'Administrator').first.users.count == 1
+          raise username + 'This is the last administrator in this system.'
+        end
+      end
+    end
+
+    # ユーザに自動生成されたパスワードを設定します。
+    # @return [String]
+    def set_auto_generated_password
+      password = Devise.friendly_token[0..7]
+      self.password = password
+      self.password_confirmation = password
+    end
+
+    # ユーザが有効期限切れかどうかをチェックします。
+    # @return [Boolean]
+    def expired?
+      if expired_at
+        true if expired_at.beginning_of_day < Time.zone.now.beginning_of_day
+      end
+    end
+
+    # ユーザが管理者かどうかをチェックします。
+    # @return [Boolean]
+    def is_admin?
+      return true if has_role?('Administrator')
+      false
+    end
+
+    # ユーザがシステム上の最後のLibrarian権限ユーザかどうかをチェックします。
+    # @return [Boolean]
+    def last_librarian?
+      if has_role?('Librarian')
+        role = Role.where(name: 'Librarian').first
+        return true if role.users.count == 1
+        false
+      end
+    end
+
+    def send_confirmation_instructions
+      Devise::Mailer.confirmation_instructions(self).deliver if email.present?
+    end
+
+    # ユーザが削除可能かどうかをチェックします。
+    # @param [User] current_user ユーザ
+    # @return [Object]
+    def deletable_by?(current_user)
+      return nil unless current_user
+      if defined?(EnjuCirculation)
+        # 未返却の資料のあるユーザを削除しようとした
+        if checkouts.count > 0
+          errors[:base] << I18n.t('user.this_user_has_checked_out_item')
+        end
+      end
+
+      if has_role?('Librarian')
+        # 管理者以外のユーザが図書館員を削除しようとした。図書館員の削除は管理者しかできない
+        unless current_user.has_role?('Administrator')
+          errors[:base] << I18n.t('user.only_administrator_can_destroy')
+        end
+        # 最後の図書館員を削除しようとした
+        if last_librarian?
+          errors[:base] << I18n.t('user.last_librarian')
+        end
+      end
+
+      # 最後の管理者を削除しようとした
+      if has_role?('Administrator')
+        if Role.where(name: 'Administrator').first.users.count == 1
+          errors[:base] << I18n.t('user.last_administrator')
+        end
+      end
+
+      if errors[:base] == []
+        true
+      else
+        false
+      end
+    end
+  end
+end
+
+
+# == Schema Information
+#
+# Table name: users
+#
+#  id                       :integer         not null, primary key
+#  email                    :string(255)     default(""), not null
+#  encrypted_password       :string(255)     default(""), not null
+#  reset_password_token     :string(255)
+#  reset_password_sent_at   :datetime
+#  remember_created_at      :datetime
+#  sign_in_count            :integer         default(0)
+#  current_sign_in_at       :datetime
+#  last_sign_in_at          :datetime
+#  current_sign_in_ip       :string(255)
+#  last_sign_in_ip          :string(255)
+#  password_salt            :string(255)
+#  confirmation_token       :string(255)
+#  confirmed_at             :datetime
+#  confirmation_sent_at     :datetime
+#  unconfirmed_email        :string(255)
+#  failed_attempts          :integer         default(0)
+#  unlock_token             :string(255)
+#  locked_at                :datetime
+#  authentication_token     :string(255)
+#  created_at               :datetime        not null
+#  updated_at               :datetime        not null
+#  deleted_at               :datetime
+#  username                 :string(255)     not null
+#  library_id               :integer         default(1), not null
+#  user_group_id            :integer         default(1), not null
+#  expired_at               :datetime
+#  required_role_id         :integer         default(1), not null
+#  note                     :text
+#  keyword_list             :text
+#  user_number              :string(255)
+#  state                    :string(255)
+#  locale                   :string(255)
+#  enju_access_key          :string(255)
+#  save_checkout_history    :boolean
+#  checkout_icalendar_token :string(255)
+#  share_bookmarks          :boolean
+#  save_search_history      :boolean
+#  answer_feed_token        :string(255)
+#
+

data/app/models/concerns/export_file.rb

@@ -0,0 +1,19 @@
+module ExportFile
+  extend ActiveSupport::Concern
+
+  included do
+    belongs_to :user
+    validates :user, presence: true
+    attr_accessor :mode
+  end
+
+  def send_message
+    sender = User.find(1) #system
+    locale = user.profile.try(:locale) || I18n.default_locale.to_s
+    message_template = MessageTemplate.localized_template('export_completed', locale)
+    request = MessageRequest.new
+    request.assign_attributes({sender: sender, receiver: user, message_template: message_template})
+    request.save_message_body
+    request.transition_to!(:sent)
+  end
+end

data/app/models/concerns/import_file.rb

@@ -0,0 +1,89 @@
+module ImportFile
+  extend ActiveSupport::Concern
+
+  # 失敗したインポート処理を一括削除します。
+  def self.expire
+    self.stucked.find_each do |file|
+      file.destroy
+    end
+  end
+
+  def import_start
+    case edit_mode
+    when 'create'
+      import
+    when 'update'
+      modify
+    when 'destroy'
+      remove
+    else
+      import
+    end
+  end
+
+  # インポートするファイルの文字コードをUTF-8に変換します。
+  # @param [String] line 変換する文字列
+  def convert_encoding(line)
+    if defined?(CharlockHolmes::EncodingDetector)
+      begin
+        case user_encoding
+        when 'auto_detect'
+          encoding = CharlockHolmes::EncodingDetector.detect(line)[:encoding]
+        when nil
+          encoding = CharlockHolmes::EncodingDetector.detect(line)[:encoding]
+        else
+          encoding = user_encoding
+        end
+        line.encode('UTF-8', encoding, universal_newline: true)
+      rescue StandardError
+        nkf_encode(line)
+      end
+    else
+      nkf_encode(line)
+    end
+  end
+
+  # インポート完了時のメッセージを送信します。
+  def send_message
+    sender = User.find(1)
+    locale = user.profile.try(:locale) || I18n.default_locale.to_s
+    message_template = MessageTemplate.localized_template('import_completed', locale)
+    request = MessageRequest.new
+    request.assign_attributes({sender: sender, receiver: user, message_template: message_template})
+    request.save_message_body
+    request.transition_to!(:sent)
+  end
+
+  private
+  def nkf_encode(line)
+    case user_encoding
+    when 'auto_detect'
+      output_encoding = '-w'
+    when 'UTF-8'
+      output_encoding = ''
+    when 'Shift_JIS'
+      output_encoding = '-Sw'
+    when 'EUC-JP'
+      output_encoding = '-Ew'
+    else
+      output_encoding = '-w'
+    end
+    NKF.nkf("#{output_encoding} -Lu", line)
+  end
+
+  def create_import_temp_file(attachment)
+    tempfile = Tempfile.new(self.class.name.underscore)
+    if ENV['ENJU_STORAGE'] == 's3'
+      tempfile.write Faraday.get(attachment.expiring_url(10)).body.force_encoding('UTF-8')
+    else
+      uploaded_file_path = attachment.path
+      open(uploaded_file_path){|f|
+        f.each{|line|
+          tempfile.puts(convert_encoding(line))
+        }
+      }
+    end
+    tempfile.close
+    tempfile
+  end
+end

data/app/models/concerns/master_model.rb

@@ -0,0 +1,38 @@
+module MasterModel
+  extend ActiveSupport::Concern
+
+  included do
+    acts_as_list
+    validates_uniqueness_of :name, case_sensitive: false
+    validates :name, presence: true
+    validate :name do
+      valid_name?
+    end
+    validate :display_name do
+      valid_yaml?
+    end
+    validates :display_name, presence: true
+    before_validation :set_display_name, on: :create
+    strip_attributes only: :name
+  end
+
+  # 表示名を設定します。
+  def set_display_name
+    self.display_name = "#{I18n.locale}: #{name}" if display_name.blank?
+  end
+
+  private
+  def valid_name?
+    unless name =~ /\A[a-z][0-9a-z_]*[0-9a-z]\z/
+      errors.add(:name, I18n.t('page.only_lowercase_letters_and_numbers_are_allowed'))
+    end
+  end
+
+  def valid_yaml?
+    begin
+      YAML.load(display_name)
+    rescue Psych::SyntaxError
+      errors.add(:display_name, I18n.t('page.cannot_parse_yaml_header'))
+    end
+  end
+end

data/app/models/profile.rb

@@ -1,5 +1,4 @@
 class Profile < ActiveRecord::Base
-  enju_circulation_profile_model if defined?(EnjuCirculation)
   enju_search_log_profile_model if defined?(EnjuSearchLog)
 
   scope :administrators, -> { joins(user: :role).where('roles.name = ?', 'Administrator') }
@@ -9,6 +8,7 @@ class Profile < ActiveRecord::Base
   belongs_to :user_group
   belongs_to :required_role, class_name: 'Role', foreign_key: 'required_role_id' #, validate: true
   has_many :identities
+  has_many :agents
   accepts_nested_attributes_for :identities, allow_destroy: true, reject_if: :all_blank
 
   validates_associated :user_group, :library
@@ -18,7 +18,7 @@ class Profile < ActiveRecord::Base
   validates :user_id, uniqueness: true, allow_blank: true
   validates :birth_date, format: { with: /\A\d{4}-\d{1,2}-\d{1,2}\z/ }, allow_blank: true
 
-  normalize_attribute :user_number
+  strip_attributes only: :user_number
 
   attr_accessor :birth_date
 

data/app/models/user_export_file.rb

@@ -1,7 +1,6 @@
 class UserExportFile < ActiveRecord::Base
   include Statesman::Adapters::ActiveRecordQueries
   include ExportFile
-  enju_export_file_model
 
   if ENV['ENJU_STORAGE'] == 's3'
     has_attached_file :user_export, storage: :s3,
@@ -44,7 +43,6 @@ class UserExportFile < ActiveRecord::Base
     raise e
   end
 
-  private
   def self.transition_class
     UserExportFileTransition
   end

data/app/models/user_group.rb

@@ -1,4 +1,3 @@
-# -*- encoding: utf-8 -*-
 class UserGroup < ActiveRecord::Base
   include MasterModel
   has_many :profiles
@@ -8,8 +7,6 @@ class UserGroup < ActiveRecord::Base
     allow_blank: true
 
   paginates_per 10
-
-  enju_circulation_user_group_model if defined?(EnjuCirculation)
 end
 
 # == Schema Information

data/app/models/user_import_file.rb

@@ -33,7 +33,6 @@ class UserImportFile < ActiveRecord::Base
 
   has_many :user_import_file_transitions
 
-  enju_import_file_model
   attr_accessor :mode
 
   def state_machine